<?php
/**
 * 《员工权限》实现类
 *
 * @author 孙晓晔
 * @version $Id: Priv.class.php 1035 2010-03-26 05:24:59Z sunxy $s
 */

require_once(dirname(__FILE__) . '/Emp.class.php');

class EmpPriv extends Emp {
	public $tbl = Constant::tbl_emp_priv;
	
	public $status = array(
		'-' => '请选择',
		'1' => '已开通',
		'2' => '未开通',

		'9' => '其它',
	);

	public $orderby = array(
		'-' => '请选择',
		'emp' => '员工',
		'cc' => '模块',
		'action' => '行为',
		'1' => '创建时间',
		'2' => '更新时间',
	);

	function __construct() {
		$request['update'] = '$Date: 2009/03/06 11:35:48 $';
		$request['revision'] = '$Revision: 1.2 $';

		parent::__construct($request);
	}

	function pretreat($controller) {
		parent::pretreat($controller);

		$controller->assign_by_ref('uri_cc', Common::cc());
	}

	/**
	 * 首页
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function tab($controller, $request) {
		$data = array(
			'所属权限' => array('cc'=>'emp.php?do=EmpPriv.find', 'js'=>''),
			'所属角色' => array('cc'=>'emp.php?do=EmpRole.find', 'js'=>''),			
			'管理业务' => array('cc'=>'emp.php?do=EmpService.find', 'js'=>''),
				
			'领导关系' => array('cc'=>'emp.php?do=Leader.find', 'js'=>''),
		
			'角色信息' => array('cc'=>'info.php?do=Role.find', 'js'=>'1'),
			'业务信息' => array('cc'=>'info.php?do=Service.find', 'js'=>'1'),
			'权限信息' => array('cc'=>'info.php?do=Priv.find', 'js'=>'1'),
		
			'员工密码' => array('cc'=>'emp.php?do=Password.find', 'js'=>''),
		);
		
		$ret = $this->_tab($data);

		$controller->assign_by_ref('result', $ret);

		$controller->display($request, 'tab');
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function find($controller, $request) {
		$this->pretreat($controller);

		$controller->display($request, 'emp/priv/find');
		return true;
	}

	function _orderby_x($controller, $row, $px) {
		$orderby = $this->orderby['1'];
		$row['orderby_x'] = $row['createtime'];

		if (empty($px) || $px == '-' || $px == '1') {
			$controller->assign('orderby', $orderby);

			return $row;
		}

		if ($px == '2') {
			$orderby = $this->orderby[$px];
			$row['orderby_x'] = $row['modifytime'];
		}

		if ($px == '`join`') {
			$orderby = $this->orderby[$px];
			$row['orderby_x'] = $row['join'];
		}

		$controller->assign('orderby', $orderby);

		return $row;
	}

	function _where($request) {
		$where = " WHERE 1=1";

		if (!empty($request['cc_s']) && $request['cc_s'] <> '-') {
			$where .= " AND cc = '" . $request['cc_s'] . "'";
		}
		if (!empty($request['action_s'])) {
			$where .= " AND action like '" . $request['action_s'] . "%'";
		}

		$where .= $this->_where_default($request);
		$where = $this->_where_aa($where);

		return $where;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function findPost($controller, $request) {
		$this->pretreat($controller);

		$this->findPara($controller, $request);

		$db = newdb($this->dsn_r);
		$fmt = "SELECT * FROM %s a %s %s";
		$where = $this->_where($request);
		$orderby = $this->_orderby();
		$sql = sprintf($fmt, $this->tbl, $where, $orderby);
		debug($sql);

		$pager_option = array (
            'db' => $db,
            'sql' => $sql,
            'PageSize' => $this->pagesize,
            'CurrentPageID' => $request['p'],
            'numItems' => $request['n']
		);

		$pager = @new Pager($pager_option);
		$data = $pager->getPageData();

		if ($pager->number > 0) {
			$count = 0;
			$from = $pager->from;
			while ($count < $pager->number) {
				$row = $data[$count];				
				$row = $this->_view(null, $row);

				$row = $this->_orderby_x($controller, $row, $this->orderby_s);

				$data[$count] = $row;
				$count++;
			}
			$controller->assign_by_ref('result', $data);
			$controller->assign_by_ref('pager', $pager);
		}

		$controller->display($request, 'emp/priv/list');
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function copy($controller, $request) {
		$this->pretreat($controller);

		$id = $request['id'];
		$row = $this->_view($id);

		$controller->assign_by_ref('result', $row);

		$controller->display($request, 'emp/priv/copy');
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function copyPost($controller, $request) {
		$this->pretreat($controller);

		$emp = $this->_input($request['emp']);
		$office = $this->_office($emp);
		
		$name = $request['name'];
		$cc = $request['cc'];
		$action = $request['action_'];
		$status = $request['status'];

		$db = newdb($this->dsn_w);
		$fmt = "INSERT INTO %s(emp, name, cc, action, status, createtime, modifytime) VALUES('%s', '%s', '%s', '%s', '%s', now(), now())";
		$sql = sprintf($fmt, $this->tbl, $emp, $name, $cc, $action, $status);
		// debug($sql);
		$db->query($sql);

		$controller->assign('baseLink', $this->doGet($request, 'findPost'));

		$this->findPost($controller, $request);
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function edit($controller, $request) {
		$this->pretreat($controller);

		$id = $request['id'];
		$row = $this->_view($id);

		$controller->assign_by_ref('result', $row);

		$controller->display($request, 'emp/priv/edit');
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function editPost($controller, $request) {
		$this->pretreat($controller);

		$id = $request['id'];
		clean($this->tbl . "_id_" . $id);

		$emp = $this->_input($request['emp']);
		$office = $this->_office($emp);
		
		$name = $request['name'];
		$cc = $request['cc'];
		$action = $request['action_'];

		$status = $request['status'];

		$db = newdb($this->dsn_w);
		$fmt = "UPDATE %s SET emp = '%s', name = '%s', cc = '%s', action = '%s', status = '%s', modifytime = now() WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $emp, $name, $cc, $action, $status, $id);
		$db->query($sql);

		$controller->assign('baseLink', $this->doGet($request, 'findPost'));

		$this->findPost($controller, $request);
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function view($controller, $request) {
		$this->pretreat($controller);

		$id = $request['id'];
		$row = $this->_view($id);

		$controller->assign_by_ref('result', $row);

		require_once 'Emp.class.php';
		$emp = new Emp();
		$controller->assign_by_ref('emp', $emp->_view($row['emp']));

		$controller->display($request, 'emp/priv/view');
		return true;
	}
	
	function _view($id = 0, $row = null) {
		if ($row == null) {
			clean($this->tbl . "_id_" . $id);
			$row = $this->id($this->tbl, $id);
		}

		$row = $this->_view_t($row);
		
		return $row;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function delete($controller, $request) {
		$this->pretreat($controller);

		$db = newdb($this->dsn_w);
		$insql = "id in ('000000000";
		while (list($k, $v) = each($request)) {
			if (substr($k, 0, 2) == "c_") {
				$insql .= "', '" . $v;
			}
		}
		$insql .= "')";
		$sql = "DELETE FROM " . $this->tbl . " WHERE " . $insql;
		$query = $db->query($sql);

		$controller->assign('baseLink', $this->doGet($request, 'findPost'));

		$this->findPost($controller, $request);
		return true;
	}
	
	function _cc_action($cc, $action) {			
		$db = newdb($this->dsn_r);
		$fmt = "SELECT COUNT(*) AS t FROM %s WHERE cc = '%s' AND action = '%s'";
		$sql = sprintf($fmt, $this->tbl, $cc, $action);
		debug($sql);
		$result = $db->query($sql);
		$b = $db->fetch_array($result);
			
		$fmt = "SELECT COUNT(*) AS t FROM %s WHERE status = 1 AND cc = '%s' AND action = '%s'";
		$sql = sprintf($fmt, $this->tbl, $cc, $action);
		debug($sql);
		$result = $db->query($sql);
		$a = $db->fetch_array($result);
			
		return $a['t'] . '/' . $b['t'];
	}
	
	function action_emp($ret, $emp) {
		$db = newdb($this->dsn_r);
		$fmt = "SELECT * FROM %s WHERE emp = '%s'";
		$sql = sprintf($fmt, $this->tbl, $emp);
		// debug($sql);
		$result = $db->query($sql);
		
		// $ret = array();
		while ($row = $db->fetch_array($result)) {
			if ($row['status'] == '1') {
				$aa = explode('.', $row['action']);
				$s = $row['cc'] . "?do=" . $aa[0] . ".";
				// $s = $row['cc'] . "?do=" . $aa[0];
				// $this->tree[$s] = $s;
				$ret[$s] = $s;
			}
		}

		// return true;
		return $ret;
	}

	function _priv_emp($priv, $emp) {
		$db = newdb($this->dsn_r);
		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND cc = '%s' AND action = '%s'";
		$sql = sprintf($fmt, $this->tbl, $emp, $priv['cc'], $priv['action']);
		// debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			if ($row['status'] == '1') {
				return true;
			}
		}

		return false;
	}
	
	function _emp_priv($emp, $cc, $action) {
		$s = explode('.', $action);

		$db = newdb($this->dsn_r);

		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND cc = '%s' AND (action = '%s.' OR action = '%s')";
		$sql = sprintf($fmt, $this->tbl, $emp, $cc, $s[0], $action);
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			if ($row['status'] == '1') {
				return true;
			}
		}

		return false;
	}
	
	function _reset($priv) {
		$db = newdb($this->dsn);
		$fmt = "UPDATE %s SET status = '2' WHERE cc = '%s' AND action = '%s'";
		$sql = sprintf($fmt, $this->tbl, $priv['cc'], $priv['action']);
		debug($sql);
		$db->query($sql);
	}

	function _reset_emp($emp) {
		$db = newdb($this->dsn_w);
		$fmt = "UPDATE %s SET status = '2' WHERE action LIKE '%s' AND emp = '%s'";
		$sql = sprintf($fmt, $this->tbl, "%.", $emp);
		// debug($sql);
		$db->query($sql);
	}
	
	function _update($emp, $priv_id) {
		$db = newdb($this->dsn_w);
		
		$priv = $this->id(Constant::tbl_priv, $priv_id);
		$name = $priv['name'];
		$cc = $priv['cc'];
		$action = $priv['action'];
		
		$office = $this->_office($emp);
		$dept = $this->_emp_dept($emp);

		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND cc = '%s' AND action = '%s'";
		$sql = sprintf($fmt, $this->tbl, $emp, $cc, $action);
		// debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			$fmt = "UPDATE %s SET status = '1', modifytime = now() WHERE id = '%s' ";
			$sql = sprintf($fmt, $this->tbl, $row['id']);
		} else {
			$fmt = "INSERT INTO %s(office, dept, emp, name, cc, action, createtime, modifytime) VALUES('%s', '%s', '%s', '%s', '%s', '%s', now(), now())";
			$sql = sprintf($fmt, $this->tbl, $office, $dept, $emp, $name, $cc, $action);
		}
		// debug($sql);
		$db->query($sql);
	}
	
	function _copy($from, $to) {
		
		$db = newdb($this->dsn_r);
		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND status = '1'";
		$sql = sprintf($fmt, $this->tbl, $from);
		debug($sql);
		$result = $db->query($sql);
		while ($row = $db->fetch_array($result)) {
			$this->_priv($to, $row);
		}
	}
	
	function _priv($to, $row) {
		$name = $row['name'];
		$cc = $row['cc'];
		$action = $row['action'];
		
		$emp = $to;
		$office = $this->_office($emp);
		$dept = $this->_emp_dept($emp);

		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND cc = '%s' AND action = '%s'";
		$sql = sprintf($fmt, $this->tbl, $to, $cc, $action);
		// debug($sql);
		$result = $db->query($sql);
		if ($db->num_rows($result) > 0) {
			return false;
		} else {
			$fmt = "INSERT INTO %s(office, dept, emp, name, cc, action, createtime, modifytime) VALUES('%s', '%s', '%s', '%s', '%s', '%s', now(), now())";
			$sql = sprintf($fmt, $this->tbl, $office, $dept, $to, $name, $cc, $action);
			// debug($sql);
			$db->query($sql);
		}
		
		return true;
	}
	
	function view_emp($controller, $request) {
		$this->pretreat($controller);
	
		$id = $request['id'];
	
		$ret = $this->_list_emp($id);
	
		$controller->assign_by_ref('result', $ret);
	
		$controller->display($request, 'emp/priv/_list');
		return true;
	}
}
?>
